Microsoft upgrades free app security tool

Share

Twitter

Facebook

LinkedIn

Google Plus

Microsoft released this week an upgrade to a tool that helps secure applications for the Internet without having to recode them.

The company's EMET (Enhanced Mitigation Experience Toolkit) 2.0 is a free tool designed to prevent current exploitation techniques used throughout the Internet, the company said. EMET 2.0 is accessible at this web page. The tool helps to block targeted attacks against unpatched vulnerabilities in Microsoft, third party, or line of business applications, Microsoft said.

Featured in version 2.0 is a new user interface that shows running processes and whether EMET is active for them. Also, the tool adds the following mitigations to applications that do not support them natively:

Mandatory address space layout randomization

An export address table capability in which hardware breakpoints are used to filter access to the EAT of kernel32.dll and ntdll.dll

Heap Spray Allocation, to pre-allocate memory addresses to block common attacks that fill a process's heap with specially crafted content

EMET 2.0 allows customers to opt-in applications via a command line or through a GUI utility. Mitigations can be applied on a per-application and per-process basis. The tool can be updated as new mitigation technologies become available.